package com.gjun.struts.filter;

import java.io.PrintWriter;
import java.util.Date;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts2.ServletActionContext;

import com.gjun.struts.bean.GjunsystemPrivilege;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

public class AdminLevelCheckInterceptor extends AbstractInterceptor {

	

	public boolean checkLevel(String href,String label, List<GjunsystemPrivilege> accountPris) {
		boolean isHave = false;
		for (GjunsystemPrivilege g : accountPris) {

			if (g.getHref().equals(href) && g.getLabel().equals(label)) {
				isHave = true;
				//System.out.println("ok===================");
				break;
			}
		}
		return isHave;
	}
	
	@Override
	public String intercept(ActionInvocation invocation) throws Exception {
		//System.out.println("经过了In..asdasd.............................................");
		Map<String, Object> session = invocation.getInvocationContext()
				.getSession();
		String account = (String) session.get("account");
		Date loginTimer = (Date) session.get("loginTimer");
		if (account != null && loginTimer != null) {
//			System.out.println("这是合法的用户:   "
//					+ ServletActionContext.getRequest().getRequestURI());

			List<GjunsystemPrivilege> allPris = (List<GjunsystemPrivilege>) session
					.get("allPris");
			List<GjunsystemPrivilege> accountPris = (List<GjunsystemPrivilege>) session
					.get("accountPris");
			
			if(accountPris==null || accountPris.size()<1 || accountPris.get(0)==null){
				HttpServletResponse response = ServletActionContext.getResponse();
				response.setContentType("text/html;charset=GBK");
				PrintWriter out = response.getWriter();
				out.println("<script type='text/javascript'>");
				out.println("  alert('权限不足,无法访问')");
			    out.println("</script>");
				out.flush();
				out.close();
				return null;
			}
			
			String clientURI = ServletActionContext.getRequest()
					.getRequestURI();

			for (GjunsystemPrivilege g : allPris) {

				if (clientURI.lastIndexOf(g.getHref()) != -1) {
					//System.out.println("需要验证 "+g.getLabel());
					boolean checkResult = checkLevel(g.getHref(), g.getLabel(),
							accountPris);
					if (!checkResult) {
//						HttpServletResponse response = ServletActionContext.getResponse();
//						response.setContentType("text/html;charset=GBK");
//						
//						PrintWriter out = response.getWriter();
//						out.println("<script type='text/javascript'>");
//						out.println("  alert('权限不足,无法访问')");
//
//						out.println("</script>");
//						out.close();
						//result="levelFaild";
						//System.out.println("权限不足..........");
						return "levelFaild";
					}
				}
			}

			return invocation.invoke(); // 后续的拦截器 有拦截器 没有Action
		} else {
			HttpServletResponse response = ServletActionContext.getResponse();
			response.setContentType("text/html;charset=GBK");
			PrintWriter out = response.getWriter();
			out.println("<script type='text/javascript'>");
			out.println("  alert('非法访问')");

			out.println("</script>");
			out.close();
			return null;
		}

	}

}
